by addyosmani
Production-grade engineering skills for AI coding agents.
# Add to your Claude Code skills
git clone https://github.com/addyosmani/agent-skillsLast scanned: 4/16/2026
{
"issues": [],
"status": "PASSED",
"scannedAt": "2026-04-16T06:07:05.599Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}Production-grade engineering skills for AI coding agents.
Skills encode the workflows, quality gates, and best practices that senior engineers use when building software. These ones are packaged so AI agents follow them consistently across every phase of development.
DEFINE PLAN BUILD VERIFY REVIEW SHIP
┌──────┐ ┌──────┐ ┌──────┐ ┌──────┐ ┌──────┐ ┌──────┐
│ Idea │ ───▶ │ Spec │ ───▶ │ Code │ ───▶ │ Test │ ───▶ │ QA │ ───▶ │ Go │
│Refine│ │ PRD │ │ Impl │ │Debug │ │ Gate │ │ Live │
└──────┘ └──────┘ └──────┘ └──────┘ └──────┘ └──────┘
/spec /plan /build /test /review /ship
7 slash commands that map to the development lifecycle. Each one activates the right skills automatically.
| What you're doing | Command | Key principle |
|-------------------|---------|---------------|
| Define what to build | /spec | Spec before code |
| Plan how to build it | /plan | Small, atomic tasks |
| Build incrementally | /build | One slice at a time |
| Prove it works | /test | Tests are proof |
| Review before merge | /review | Improve code health |
| Simplify the code | /code-simplify | Clarity over cleverness |
| Ship to production | /ship | Faster is safer |
Skills also activate automatically based on what you're doing — designing an API triggers api-and-interface-design, building UI triggers frontend-ui-engineering, and so on.
Marketplace install:
/plugin marketplace add addyosmani/agent-skills
/plugin install agent-skills@addy-agent-skills
SSH errors? The marketplace clones repos via SSH. If you don't have SSH keys set up on GitHub, either add your SSH key or switch to HTTPS for fetches only:
git config --global url."https://github.com/".insteadOf "git@github.com:"
Local / development:
git clone https://github.com/addyosmani/agent-skills.git
claude --plugin-dir /path/to/agent-skills
Copy any SKILL.md into .cursor/rules/, or reference the full skills/ directory. See docs/cursor-setup.md.
Install as native skills for auto-discovery, or add to GEMINI.md for persistent context. See docs/gemini-cli-setup.md.
Install from the repo:
gemini skills install https://github.com/addyosmani/agent-skills.git --path skills
Install from a local clone:
gemini skills install ./agent-skills/skills/
Add skill contents to your Windsurf rules configuration. See docs/windsurf-setup.md.
Uses agent-driven skill execution via AGENTS.md and the skill tool.
Use agent definitions from agents/ as Copilot personas and skill content in .github/copilot-instructions.md. See docs/copilot-setup.md.
Skills are plain Markdown - they work with any agent that accepts system prompts or instruction files. See docs/getting-started.md.
The commands above are the entry points. Under the hood, they activate these 20 skills — each one a structured workflow with steps, verification gates, and anti-rationalization tables. You can also reference any skill directly.
| Skill | What It Does | Use When | |-------|-------------|----------| | idea-refine | Structured divergent/convergent thinking to turn vague ideas into concrete proposals | You have a rough concept that needs exploration | | spec-driven-development | Write a PRD covering objectives, commands, structure, code style, testing, and boundaries before any code | Starting a new project, feature, or significant change |
| Skill | What It Does | Use When | |-------|-------------|----------| | planning-and-task-breakdown | Decompose specs into small, verifiable tasks with acceptance criteria and dependency ordering | You have a spec and need implementable units |
| Skill | What It Does | Use When | |-------|-------------|----------| | incremental-implementation | Thin vertical slices - implement, test, verify, commit. Feature flags, safe defaults, rollback-friendly changes | Any change touching more than one file | | test-driven-development | Red-Green-Refactor, test pyramid (80/15/5), test sizes, DAMP over DRY, Beyonce Rule, browser testing | Implementing logic, fixing bugs, or changing behavior | | context-engineering | Feed agents the right information at the right time - rules files, context packing, MCP integrations | Starting a session, switching tasks, or when output quality drops | | source-driven-development | Ground every framework decision in official documentation - verify, cite sources, flag what's unverified | You want authoritative, source-cited code for any framework or library | | frontend-ui-engineering | Component architecture, design systems, state management, responsive design, WCAG 2.1 AA accessibility | Building or modifying user-facing interfaces | | api-and-interface-design | Contract-first design, Hyrum's Law, One-Version Rule, error semantics, boundary validation | Designing APIs, module boundaries, or public interfaces |
| Skill | What It Does | Use When | |-------|-------------|----------| | browser-testing-with-devtools | Chrome DevTools MCP for live runtime data - DOM inspection, console logs, network traces, performance profiling | Building or debugging anything that runs in a browser | | debugging-and-error-recovery | Five-step triage: reproduce, localize, reduce, fix, guard. Stop-the-line rule, safe fallbacks | Tests fail, builds break, or behavior is unexpected |
| Skill | What It Does | Use When | |-------|-------------|----------| | code-review-and-quality | Five-axis review, change sizing (~100 lines), severity labels (Nit/Optional/FYI), review speed norms, splitting strategies | Before merging any change | | code-simplification | Chesterton's Fence, Rule of 500, reduce complexity while preserving exact behavior | Code works but is harder to read or maintain than it should be | | security-and-hardening | OWASP Top 10 prevention, auth patterns, secrets management, dependency auditing, three-tier boundary system | Handling user input, auth, data storage, or external integrations | | performance-optimization | Measure-first approach - Core Web Vitals targets, profiling workflows, bundle analysis, anti-pattern detection | Performance requirements exist or you suspect regressions |
| Skill | What It Does | Use When | |-------|-------------|----------| | git-workflow-and-versioning | Trunk-based development, atomic commits, change sizing (~100 lines), the commit-as-save-point pattern | Making any code change (always) | | ci-cd-and-automation | Shift Left, Faster is Safer, feature flags, quality gate pipelines, failure feedback loops | Setting up or modifying build and deploy pipelines | | deprecation-and-migration | Code-as-liability mindset, compulsory vs advisory deprecation, migration patterns, zombie code removal | Removing old systems, migrating users, or sunsetting features | | documentation-and-adrs | Architecture Decision Records, API docs, inline documentation standards - document the why | Making architectural decisions, changing APIs, or shipping features | | shipping-and-launch | Pre-launch checklists, feature flag lifecycle, staged rollouts, rollback procedures, monitoring setup | Preparing to deploy to production |
Pre-configured specialist personas for targeted reviews:
| Agent | Role | Perspective | |-------|------|-------------| | code-reviewer | Senior Staff Engineer | Five-axis code review with "would a staff engineer approve this?" standard | | test-engineer | QA Specialist | Test strategy, coverage analysis, and the Prove-It pattern | | security-auditor | Security Engineer | Vulnerability detection, threat modeling, OWASP assessment |
No comments yet. Be the first to share your thoughts!
Based on votes and bookmarks from developers who liked this skill